This page contains a Flash digital edition of a book.
REGULAR


THE COSTS OF CYBER-CRIME


James Shaw, of insurance broker Darwin Clayton, takes a look at what the cost of being a victim of cyber-crime really is and why you need to take steps to protect your business.


Cyber-crime never seemed far from the headlines in 2015, with many high profile attacks on household names, such as TalkTalk and Carphone Warehouse – or ones that became household names, like dating site, Ashley Madison. The threat has continued to increase this year and SMEs in the cleaning industry are at risk of a data breach.


When you look into the impacts of data breaches on small businesses, it reveals some alarming figures:


• It is believed that in 2014, nearly three quarters of small businesses in the UK had some form of security breach.


• The 2015 Information Security Breaches Survey showed that the cost of the average breach to small businesses was £75,000.


• The Ponemon Institute annual ‘Cost of Data Breach Study: Global Analysis’ found that the average consolidated total cost of a data breach in the UK has increased by 7% since 2013 to £2.37million.


• The Institute study also found that the average cost incurred for each lost or stolen record increased from £95 to £104.


Those sorts of figures will have a big impact on anyone’s bottom line if they fall victim to an attack.


IDENTIFYING THREATS It’s easy to think of cyber-crimes being perpetrated by faceless ‘hackers’, but a disgruntled staff member can also do significant damage, so you need to consider internal processes when looking to protect your business. A Morrison’s employee was jailed for eight years after releasing payroll


28 | Tomorrow’s Cleaning May 2016


data. For nearly 100,000 staff to newspapers and file sharing websites. The supermarket chain says it cost more than £2m to put right the effects of the breach. They also faced legal action from a number of the affected employees.


SPECIFIC COSTS There are a number of specific costs your business could incur following a data breach:


1. Breach costs – the costs incurred after the discovery of a data breach (electronic or otherwise) can be considerable. They include: forensic investigations, legal advice, notifying customers/regulators and offering support, such as credit monitoring, to affected individuals.


2. Business interruption following a cyber loss – a company can lose income if they suffer an attack and it prevents the business from earning revenue.


3. Crisis containment – it is vital to communicate quickly and confidently in order to minimise reputational damage – businesses incur costs for employing a PR company or consultant to carry out this work or in terms of time for their internal staff.


4. Cyber-crime – the theft of money, property or digital assets resulting in direct financial loss following an external hack into your company computer system.


5. Cyber-extortion – threats to lock you out of your systems or ransom demands to let you back in.


6. Hacker damage – the costs to repair, restore or replace any damage to your website, programmes or electronic data.


7. Telephone hacking – hackers can make unauthorised telephone calls after breaching computer networks. This includes traditional fixed-line systems as well as online tools (Skype, VoIP etc).


8. Privacy protection – costs to defend and settle claims made for failing to keep personal data secure, including investigations and civil penalties levied by regulators.


9. Media liability – accidental infringement of Intellectual Property rights or inadvertent libel in an email or electronic communication.


REPUTATIONAL RISK Alongside the financial costs, the reputational damage that can ensue following a data breach can be seriously detrimental. Information Commissioner’s Office (ICO) research published in 2015 found that 77% of people are already concerned about organisations not keeping their personal details secure; to keep your customers happy it’s important you ensure their fears aren’t valid.


WHAT SHOULD YOU DO? I outlined a number of steps in my last Tomorrow’s Cleaning column (March 2016), but a good start is the government website www.cyberstreetwise.com/ cyberessentials. The resources include a threat assessment, which I would recommend businesses take the time to carry out.


It’s also worth looking into a Cyber & Data Risks Insurance policy. The risks of cyber-crime are growing, so you should safeguard your business without delay.


www.darwinclayton.co.uk twitter.com/TomoCleaning


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78  |  Page 79  |  Page 80  |  Page 81  |  Page 82  |  Page 83  |  Page 84  |  Page 85  |  Page 86  |  Page 87  |  Page 88  |  Page 89  |  Page 90  |  Page 91  |  Page 92  |  Page 93  |  Page 94  |  Page 95  |  Page 96  |  Page 97  |  Page 98  |  Page 99  |  Page 100  |  Page 101  |  Page 102  |  Page 103  |  Page 104  |  Page 105  |  Page 106  |  Page 107  |  Page 108  |  Page 109  |  Page 110  |  Page 111  |  Page 112  |  Page 113  |  Page 114  |  Page 115  |  Page 116  |  Page 117  |  Page 118  |  Page 119  |  Page 120  |  Page 121  |  Page 122